The ecosystem of Apple’s Mac OS has long been heralded as a safe haven from the world of digital threats, and while its users were never immune to common phishing scams, they were largely in the clear from infiltration by most malware.
In reality, the supposed invulnerability in Macs had less to do with anything unique about their software than their relative rarity on the market. When hackers or malware experts seek to infect computers and allow their code to spread from machine to machine, they focus their efforts on the operating systems with the widest reach. In the early 2000s, when Apple put renewed vigor into their marketing and advertising campaigns, their computers had such a fractionally small percentage of worldwide market share that they simply weren’t an attractive target. Even today, with all the emphasis on Microsoft losing market share to Apple, 2016 data still indicates that Apple has sold only 7.4 percent of the computers in 2016. As such, they historically haven’t been an especially lucrative target for hackers and are still a bit away from the mainstream.
Recently, that immunity may have begun changing as a new bit of malware was discovered. Named “Backdoor.MAC.Eleanor,” it’s installed while hidden within the seemingly innocuous Easy Doc Converter program that helps change Microsoft Office documents into other file formats. While it’s not uncommon for friendly software to have an unannounced stowaway, this file converter is available through otherwise reputable sites, allowing its creators to prey on unsuspecting individuals who let their guard down while browsing.
Once installed, Eleanor exploits a tool called “wacaw,” which grants access to the computer’s webcam, allowing it to capture images and videos of users and their surroundings without their knowledge. What the hackers plan to do with these images is largely unknown. But it’s safe to assume that the results would be similar to other blackmail-esque ransomeware scams, in which the hackers wait for a compromising photo to be taken and threaten to release it — or other private information — in exchange for money.
While this isn’t the first time Mac users have been exposed to potential threats, the relative simplicity of this sort of exploit is what makes it so effective. Rather than scanning drives or logging keyboard entries for financial information, the real danger here is in what the camera captures. While many computer owners have opted to proactively cover their camera when not in use, those with Apple’s Gatekeeper security package should remain unscathed as well, as the file converter program doesn’t possess a digitally signed certificate from Apple.
Alary Clinitech is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news. Contact us at (416) 291-7377 or send us an email at info@clinitech.ca for more information.